How to detect inline PGP in mails! Best practice?
Sascha Kiefer
sk at intertivity.com
Fri Jun 17 12:42:23 CEST 2005
Thanks.
But S/MIME and PGP/MIME works fine already. ;-)
What is still (partly) unfinsihed is PGP/INLINE.
Regards,
Sascha
Shaun Lipscombe schrieb:
>* Sascha Kiefer wrote:
>
>
>
>>Hi list,
>>
>>i'm writing on a programm which verifies and decrypts messages as they
>>arrive. It it is fully S/MIME (using M$ Crypto API) and PGP/MIME
>>(GnuPG) compatible. The hardest problem i face is to detect inline
>>PGP parts and handling them correctly:
>>
>>
>
>Well you could write a procmail rule to detect the S/MIME attachments.
>
>Content-Type: multipart/signed; protocol= one of these:
>
>MIME Type File Extension
>
>Application/pkcs7-mime (signedData, .p7m
>envelopedData)
>
>Application/pkcs7-mime (degenerate .p7c
>signedData "certs-only" message)
>
>Application/pkcs7-signature .p7s
>
>Then pipe the command through openssl.
>
>You cant use mimeStrip.pl or stripmime.pl (although they work great for
>normal attachments) you would need to modify them to work with S/MIME.
>You could then pipe the attachment through stripsmime.pl and then
>openssl.
>
>As for the PGP data...
>
>:0 fBw
>* ^-----BEGIN PGP MESSAGE-----
>* * !Content-type: multipart
>| formail -i "Content-Type: application/pgp; format=text; x-action=encryptsign"
>
>:0 fBw
>* ^-----BEGIN PGP SIGNED MESSAGE-----
>* !Content-type: multipart
>| formail -i "Content-Type: application/pgp; format=text; x-action=sign"
>
>And then pipe it through gpg using no passphrase on your private key.
>Automating decryption in this way is justified so long as you understand
>the implications and the person knows that the public key (or
>certificate for S/MIME) is that of a computer rather than a person.
>
>Shaun
>
>_______________________________________________
>Gnupg-users mailing list
>Gnupg-users at gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
>
>
More information about the Gnupg-users
mailing list